nach oben

Peer-to-Peer Networking and Applications

Erschienen in:

01.09.2011

SyMon: A practical approach to defend large structured P2P systems against Sybil Attack

verfasst von: Jyothi B. S., Dharanipragada Janakiram

Erschienen in: Peer-to-Peer Networking and Applications | Ausgabe 3/2011

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Sybil attack is one of the most challenging problems that plague current decentralized Peer-to-Peer(P2P) systems. In Sybil attack, a single malicious user creates multiple peer identities known as sybils. These sybils are employed to target honest peers and hence subvert the system. In this paper, we describe a novel solution that enables all honest peers to protect themselves from sybils with high probability in large structured P2P systems. In our proposed sybil defense system, we associate every peer with another non-sybil peer known as SyMon. A given peer’s SyMon is chosen dynamically such that the chances of both of them being sybils are very low. The chosen SyMon is entrusted with the responsibility of moderating the transactions involving the given peer and hence makes it almost impossible for sybils to compromise the system. We show the effectiveness of our proposed system in defending against Sybil attack both analytically and experimentally. In addition to this, we explore the feasibility of our proposed solution in two P2P applications: reputation systems for P2P based file sharing applications and P2P applications susceptible to Denial-of-Service(DOS) attack, systems known to be highly vulnerable to Sybil attack. In each of our case studies, we discuss possible ways in which our solution can be employed to defend the system against Sybil attack.

Vorheriger Artikel Optimizing BitTorrent-like peer-to-peer systems in the presence of network address translation devices

Nächster Artikel Attack resilient P2P dissemination of RSS feed

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

A peer refers to a node/computer in the case of P2P overlay networks and a human user in the case of P2P applications.

The theoretical bound on a preimage search holds good since the input (i.e. the public key and hence the peer identity) cannot be modified arbitrarily.

The underlying P2P reputation system is assumed to i)manage the storage as well as the retrieval of the feedbacks from old SyMon peers as well as from old requester peers, for all transactions and ii)guide new requester peers in choosing reputed provider peers, based on these feedbacks.

SyMon selection method 4 is very similar to method 3 except for the inclusion of nonce as an additional puzzle parameter. Hence, it is equally employable in these experiments.

A decision is correct when a good transaction is also considered as legitimate.

Back A (2002) Hashcash—a denial of service countermeasure. http://www.hashcash.org/hashcash.pdf

Bhattacharjee R, Goel A (2005) Avoiding ballot stuffing in ebay-like reputation systems. In: P2PECON ’05: proceedings of the 2005 ACM SIGCOMM workshop on economics of peer-to-peer systems

BitTorrent. http://bitconjurer.org/BitTorrent/. Accessed March 2009

Borisov N (2006) Computational puzzles as sybil defenses. In: P2P ’06: proceedings of the sixth IEEE international conference on peer-to-peer computing

B. S. J, Janakiram D (2009) Symon: defending against sybil attack in large structured p2p systems. In: P2P’09: proceedings of the 9th international conference on peer-to-peer computing, pp 21–30

Castro M, Druschel P, Ganesh A, Rowstron A, Wallach DS (2002) Secure routing for structured peer-to-peer overlay networks. In: OSDI ’02: proceedings of the 5th symposium on operating systems design and implementation

Chan EM, Gunter CA, Jahid S, Peryshkin E, Rebolledo D (2008) Using rhythmic nonces for puzzle-based dos resistance. In: CSAW ’08: proceedings of the 2nd ACM workshop on computer security architectures

Chokhani S, Ford W, Sabett RV, Merrill CR, Wu SS (2003) Internet x.509 public key infrastructure certificate policy and certification practices framework. RFC 3647

Christin N, Weigend AS, Chuang J (2005) Content availability, pollution and poisoning in file sharing peer-to-peer networks. In: EC ’05: proceedings of the 6th ACM conference on electronic commerce

10.

Costa C, Almeida J (2007) Reputation systems for fighting pollution in peer-to-peer file sharing systems. In: P2P ’07: proceedings of the seventh IEEE international conference on peer-to-peer computing

11.

Danezis G, Mittal P (2009) Sybilinfer: detecting sybil nodes using social networks. In: NDSS ’09: proceedings of the 16th annual network and distributed system security symposium

12.

Dasgupta A (2005) The matching, birthday and the strong birthday problem: a contemporary review. J Statist Plann Inference 130:377–389MathSciNetMATHCrossRef

13.

Dinger J, Hartenstein H (2006) Defending the sybil attack in p2p networks: taxonomy, challenges, and a proposal for self-registration. In: ARES ’06: proceedings of the first IEEE international conference on availability, reliability and security

14.

Douceur JR (2002) The sybil attack. In: IPTPS ’01: the first international workshop on peer-to-peer systems

15.

Ellison C, Frantz B, Lampson B, Rivest R, Thomas B, Ylonen T (1999) Spki certificate theory. RFC 2693

16.

FreePastry. http://www.freepastry.org/. Accessed March 2009

17.

Friedman EJ, Resnick P (2001) The social cost of cheap pseudonyms. J Econ Manage Strategy 10(2):173–199CrossRef

18.

Halderman JA, Waters B (2007) Harvesting verifiable challenges from oblivious online sources. In: CCS ’07: proceedings of the 14th ACM conference on computer and communications security

19.

Juels A, Brainard J (1999) Client puzzles: a cryptographic countermeasure against connection depletion attacks. In: ISOC ’99: proceedings of the 1999 ISOC network and distributed system security symposium

20.

Kamvar SD, Schlosser MT,, Garcia-Molina H (2003) The eigentrust algorithm for reputation management in p2p networks. In: WWW ’03: proceedings of the 12th international conference on World Wide Web

21.

Kazaa. http://www.kazaa.com/. Accessed March 2009

22.

Kelsey J, Schneier B (2005) Second preimages on n-bit hash functions for much less than 2ⁿ work. In: Advances in cryptology EUROCRYPT

23.

Liang J, Kumar R, Xi Y, Ross KW (2005) Pollution in p2p file sharing systems. In: INFOCOM 2005: 24th IEEE international conference on computer communications

24.

Liang J, Naoumov N, Ross KW (2005) Efficient blacklisting and pollution-level estimation in p2p file-sharing systems. In: Proceedings of AINTEC 2005

25.

Lua EK, Crowcroft J, Pias M, Sharma R, Lim S (2005) A survey and comparison of peer-to-peer overlay network schemes. IEEE Comm Surveys and Tutorials 7(2):72–93CrossRef

26.

Mahajan R, Castro M, Rowstron A (2003) Controlling the cost of reliability in peer-to-peer overlays. In: IPTPS ’03: the third international workshop on peer-to-peer systems

27.

Massoulié L, Merrer EL, Kermarrec AM, Ganesh A (2006) Peer counting and sampling in overlay networks: random walk methods. In: PODC ’06: proceedings of the twenty-fifth annual ACM symposium on principles of distributed computing

28.

Napster. http://www.napster.com/. Accessed March 2009

29.

Ripeanu M (2001) Peer-to-peer architecture case study: Gnutella network. In: P2P ’01: proceedings of the first international conference on peer-to-peer computing

30.

Rowaihy H, Enck W, McDaniel P, Porta TL (2007) Limiting sybil attacks in structured p2p networks. In: INFOCOM 2007:26th IEEE international conference on computer communications

31.

Rowstron AIT, Druschel P (2001) Pastry: scalable, decentralized object location and routing for large-scale peer-to-peer systems. In: Middleware ’01: proceedings of the IFIP/ACM international conference on distributed systems platforms Heidelberg

32.

SHA-1. Secure hash algorithm. http://www.ietf.org/rfc/rfc3174.txt. Accessed March 2009

33.

Shafaat TM, Ghodsi A, Haridi S (2008) A practical approach to network size estimation for structured overlays. In: IWSOS ’08: proceedings of the 3rd international workshop on self-organizing systems

34.

Shamir A, Tromer E (2003) On the cost of factoring rsa-1024. RSA CryptoBytes 6(2):10–19

35.

Skype. http://www.skype.com/. Accessed March 2009

36.

Stoica I, Morris R, Liben-Nowell D, Karger DR, Kaashoek MF, Dabek F, Balakrishnan H (2003) Chord: a scalable peer-to-peer lookup protocol for internet applications. IEEE/ACM Trans Netw 11(1)

37.

Tiri K (2007) Side-channel attack pitfalls. In: DAC ’07: proceedings of the 44th annual conference on design automation

38.

Tran N, Min B, Li J, Submaranian L (2009) Sybil-resilient online content voting. In: Proceedings of the 6th symposium on networked system design and implementation (NSDI)

39.

Walsh K, Sirer EG (2005) Fighting peer-to-peer spam and decoys with object reputation. In: P2PECON ’05: proceedings of the 2005 ACM SIGCOMM workshop on economics of peer-to-peer systems

40.

Wang X, Yin YL, Yu H (2005) Finding collisions in the full sha-1. In: Crypto-05

41.

Waters B, Juels A, Halderman JA, Felten EW (2004) New client puzzle outsourcing techniques for dos resistance. In: CCS ’04: proceedings of the 11th ACM conference on computer and communications security

42.

Yang Y, Feng Q, Sun YL, Dai Y (2008) Reptrap: a novel attack on feedback-based reputation systems. In: SecureComm ’08: proceedings of the 4th international conference on security and privacy in communication networks

43.

Yu H, Gibbons PB, Kaminsky M, Xiao F (2008) Sybillimit: a near-optimal social network defense against sybil attacks. In: SP ’08: proceedings of the IEEE symposium on security and privacy.

Titel: SyMon: A practical approach to defend large structured P2P systems against Sybil Attack
verfasst von: Jyothi B. S.
Dharanipragada Janakiram
Publikationsdatum: 01.09.2011
Verlag: Springer US
Erschienen in: Peer-to-Peer Networking and Applications / Ausgabe 3/2011
Print ISSN: 1936-6442
Elektronische ISSN: 1936-6450
DOI: https://doi.org/10.1007/s12083-010-0084-0

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 3/2011

Optimizing BitTorrent-like peer-to-peer systems in the presence of network address translation devices

Attack resilient P2P dissemination of RSS feed

Avoidance of churn rate through temporal centralization in Chord

Fuzzynet: Ringless routing in a ring-like structured overlay

Incorporating contribution-awareness into mesh-based Peer-to-Peer streaming systems

Survey of search and optimization of P2P networks